Luke Bratch <luke@xxxxxxxxxxxx> wrote: > Hello > > [1.] One line summary of the problem: > > The patch "netfilter: on sockopt() acquire sock lock only in the required > scope" breaks at least sshuttle. > > [2.] Full description of the problem/report: > > sshuttle does not work in at least kernel 4.9.84 or kernel 4.14.22 (and I > suspect the other latest stable kernels). It was broken by the following > patch: > > https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?h=linux-4.9.y&id=4ec264d8128958e66d048f45fd1c4c28cfedb119 > > commit 4ec264d8128958e66d048f45fd1c4c28cfedb119 > Author: Paolo Abeni <pabeni@xxxxxxxxxx> > Date: Tue Jan 30 19:01:40 2018 +0100 > > netfilter: on sockopt() acquire sock lock only in the required scope > > commit 3f34cfae1238848fd53f25e5c8fd59da57901f4b upstream. > > I /believe/ this is a kernel bug as it seems to break userspace. Yes, Greg queued up the fix for this: https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-4.9/netfilter-drop-outermost-socket-lock-in-getsockopt.patch?id=9b5ac8914f462baebf3db3515f7625c4e22d1e6f which is commit 01ea306f2ac2baff98d472da719193e738759d93 upstream. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
